DETAILED ACTION

1. Claims 1-10 are pending.



Claim Rejections - 35 USC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for 
the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

3. Claims 1-10 are rejected under 35 U.S.C. 102(e) as being anticipated by Lantto et al (Lantto), US 
Pub. No. 2004/0054794. 

As per claim 1, Lantto discloses:

- A method for encrypting data in an access virtual private network (VPN), comprising the 
steps of: (Page 7, paragraph 164, "The VPN software will then perform the necessary step to establish 
the secure connection by negotiating bulk encryption keys with the VPN gateway 415").

- performing a link control protocol (LCP) negotiation regarding at least one of an 
authentication method, data compression, maximum data size receivable, link status monitoring, and 
whether to perform data encryption; (Page 6, paragraph 143, "PPP Link Control Protocol (LCP): the 
computer 401 and the GPRS device 403 exchange several messages to negotiate link parameters
e.g. Maximum Receive Unit (MRU), Authentication Protocol")

- checking a user identification (ID) and a password when the LCP negotiation determines
that mutual authentication is required, said negotiation being conducted by two terminals according to an
LCP negotiation condition at the step of performing the LCP negotiation; (Page 6, paragraph 143, "PPP
Link Control Protocol (LCP): the computer 401 and the GPRS device 403 exchange several
messages to negotiate link parameters e.g. Maximum Receive Unit (MRU), Authentication
Protocol"). Moreover, (page 2, paragraph 32, "Authentication: These are techniques that enable to
ensure that both ends of the session, the user and the remote network access server, are really
who they say they are. This is achieved in a number of ways, but generally requires the user to provide
some input, e.g. a password, a smart card etc.")

- performing data encryption when the step of performing the LCP negotiation results in a 
determination that data encryption is to be performed; (page 2, paragraph 33, "Encryption: Using a 
previously agreed encryption algorithm, machines can scramble the data they exchange so that they 
can detect any attempt to tamper with it, and ensure end-to-end confidentiality") 

- performing network control protocol (NCP) negotiation in order to negotiate information for a 
Layer 3 communication access between a user and a private network; (Page 6, paragraph 145, "PPP
Network Control Protocol (NCP)/IP control protocol (IPCP): the RAS request certain IP network
parameters (as per the requirements passed by the RAL system) in a 'PPP IPCP configuration request'
message. These parameters comprise e.g. IP address allocation policy, name servers, end-to-end
compression, etc")

- transmitting and receiving data by forming a session between the user and the private 
network when the NCP negotiation is performed between the user and the private network. (Page 
2, paragraph 35, "To achieve this, a so-called 'tunneling protocol' is required. This protocol gives the
illusion that a remote computer 102 is directly connected to the private network 101. It avoids local
machines sending data in clear via an un-secure public gateway 104 when they reply to a remote 
computer"). Where tunneling protocol is a network protocol. 

As per claim 2, Lantto discloses: 

- The method according to claim 1, wherein the NCP negotiation is performed after the data
encryption is performed. (Page 2, paragraph 35, "Instead data to the remote computer is intercepted by 
the secure gateway 103, e.g. using proxy Address Resolution Protocol (ARP), optionally encrypted, 
then 'encapsulated', and finally routed via the internet 105 to the remote computer 102") 

As per claim 3, Lantto discloses: 

- The method according to claim 1, wherein the NCP negotiation is performed when it is 
determined, during performance of the LCP negotiation, that authentication and data encryption are 
not required. (Page 2, paragraph 35, "Instead data to the remote computer is intercepted by the secure 
gateway 103, e.g. using proxy Address Resolution Protocol (ARP), optionally encrypted, then 
'encapsulated', and finally routed via the internet 105 to the remote computer 102"). Lantto also discloses,
(page 6, paragraph 144, PPP Authentication: Optionally, the RAS component 215 in the computer 401
retrieves the authentication credentials from RAM and pass them on to the GPRS phone 403.)

As per claim 4, Lantto discloses: 

- The method according to claim 1, wherein an item for selecting whether to perform data
encryption is added to an LCP negotiation option table of the user and the private network in
advance of the step of performing the LCP negotiation. (Page 6, paragraph 143, "PPP Link Control
Protocol (LCP): the computer 401 and the GPRS device 403 exchange several messages to negotiate
link parameters e.g. Maximum Receive Unit (MRU), Authentication Protocol"). In addition, Lantto discloses,
(Page 7, paragraph 164, "The VPN software will then perform the necessary step to establish the secure
connection by negotiating bulk encryption keys with the VPN gateway 415").

As per claim 5, Lantto discloses: 

- The method according to claim 1, wherein the step of checking the user ID and the password 
comprises using a password authentication protocol (PAP) for providing user authentication by 
delivering the user ID and the password in form of a text, (page 2, paragraph 32, "Authentication: 
These are techniques that enable to ensure that both ends of the session, the user and the remote 
network access server, are really who they say they are. This is achieved in a number of ways, but 
generally requires the user to provide some input, e.g. a password, a smart card etc, and the
machines to perform some cryptographic treatment, e.g. hash functions. Password Authentication 
protocol (PAP), Challenge Handshake Authentication Protocol (CHAP) are example of standard 
authentication techniques that exists"). 

As per claim 6, Lantto discloses: 

- The method according to claim 1, wherein the step of checking the user ID and the password 
comprises using a challenge handshake authentication protocol (CHAP) for providing user 
authentication using a hash function, (page 2, paragraph 32, "Authentication: These are techniques 
that enable to ensure that both ends of the session, the user and the remote network access server, are 
really who they say they are. This is achieved in a number of ways, but generally requires the user to 
provide some input, e.g. a password, a smart card etc, and the machines to perform some
cryptographic treatment, e.g. hash functions. Password Authentication protocol (PAP), Challenge 
Handshake Authentication Protocol (CHAP) are example of standard authentication techniques 
that exists"). 



As per claim 7, Lantto discloses: 
- The method according to claim 1, wherein the step of performing data encryption comprises
using a data encryption standard (DES). (Page 2, paragraph 33, "There is a number of encryption 
algorithms such as Data Encryption Standard (DES), 3-DES etc.") 

As per claim 8, Lantto discloses: 

- The method according to claim 1, wherein the step of performing data encryption comprises 
using a user password as a key value for encryption, (page 2, paragraph 33, "Encryption: Using a 
previously agreed encryption algorithm, machines can scramble the data they exchange so that they 
can detect any attempt to tamper with it, and ensure end-to-end confidentiality. This however generally 
requires the two machines to have an identical set of cryptographic material or keys to seed the 
encryption algorithm"). According to Lantto, "cryptographic material or key" inherently indicates a password.

As per claim 9, Lantto discloses: 

- The method according to claim 1, wherein the LCP negotiation is performed with respect to 
both the authentication method and whether to perform data encryption. (Page 6, paragraph 143, 
"PPP Link Control Protocol (LCP): the computer 401 and the GPRS device 403 exchange several 
messages to negotiate link parameters e.g. Maximum Receive Unit (MRU), Authentication 
Protocol"). According to Lantto, (page 2, paragraphs 31, 32, 33 and 34, Secure networking covers
three areas: Authentication, Encryption and Tunnelling or Virtual private Networks (VPNs)) 

As per claim 10, Lantto discloses: 

- The method according to claim 9, wherein the step of performing data encryption comprises 
using a user password as a key value for encryption, (page 2, paragraph 33, "Encryption: Using a 
previously agreed encryption algorithm, machines can scramble the data they exchange so that 
they can detect any attempt to tamper with it, and ensure end-to-end confidentiality. This however 
generally requires the two machines to have an identical set of cryptographic material or keys to 
seed the encryption algorithm"). According to Lantto, "cryptographic material or key" inherently indicates
a password.

Conclusion 

4. The prior art made of record and not relied upon is considered pertinent to applicant's
disclosure.

TITLE: Apparatus and method for performing and controlling encryption/decryption for data to be
transmitted on local area network, US 6,275,588. 

TITLE: Automatic discovery of network core type, US Pub. No. 2004/0052257. 

TITLE: Method and system for enabling layer 2 transmission of IP data frame between user terminal and 
service provider, US Pub. No. 2003/0037163. 

TITLE: Method and arrangement to secure access to a communication network, US 7,152,160.

TITLE: Mobile virtual network system and method, US 6,970,459.

Any inquiry concerning this communication or earlier communications from the examiner should 
be directed to Teshome Hailu whose telephone number is (571) 270-3159. The examiner can normally 
be reached on Mon-Fri 7:30a.m. to 5:00p.m. PST. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, 
Chamili Das can be reached on (571) 272-3696. The fax phone number for the organization where this
application or proceeding is assigned is 571-273-8300.

Information regarding the status of an application may be obtained from the Patent Application
Information Retrieval (PAIR) system. Status information for published applications may be obtained from 
either Private PAIR or Public PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) 
at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative 
or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

Teshome Hailu 
TH 

Patent Examiner 